| commit | author | age | ||
| e549e5 | 1 | --- |
| T | 2 | - name: Step 002 Post Infrastructure |
| 3 | hosts: localhost | |
| 4 | connection: local | |
| 5 | become: false | |
| 281c84 | 6 | vars_files: |
| GC | 7 | - "./env_vars.yml" |
| 8 | - "./env_secret_vars.yml" | |
| e549e5 | 9 | tags: |
| T | 10 | - step002 |
| 11 | - post_infrastructure | |
| 12 | tasks: | |
| 13 | ||
| 14 | - name: Job Template to launch a Job Template with update on launch inventory set | |
| 15 | uri: | |
| 16 | url: "https://{{ ansible_tower_ip }}/api/v1/job_templates/{{ job_template_id }}/launch/" | |
| 17 | method: POST | |
| 18 | user: "{{ tower_admin }}" | |
| 19 | password: "{{ tower_admin_password }}" | |
| 20 | body: | |
| 21 | extra_vars: | |
| cf15a5 | 22 | guid: "{{ guid }}" |
| e549e5 | 23 | ipa_host_password: "{{ ipa_host_password }}" |
| T | 24 | |
| 25 | body_format: json | |
| 26 | validate_certs: False | |
| 27 | HEADER_Content-Type: "application/json" | |
| 28 | status_code: 200, 201 | |
| 29 | when: tower_run == 'true' | |
| cf15a5 | 30 | |
| e549e5 | 31 | - name: customizization entry point for labs |
| T | 32 | hosts: control_nodes |
| 33 | gather_facts: false | |
| 34 | ||
| 35 | tasks: | |
| 36 | ||
| 37 | - name: test clone to control host | |
| 38 | git: | |
| 39 | repo: https://github.com/tonykay/bad-ansible.git | |
| 40 | dest: /tmp | |
| 41 | ||
| cf15a5 | 42 | - name: create our own ansible agnostic deployer inventory |
| e549e5 | 43 | hosts: localhost |
| T | 44 | connection: local |
| 45 | gather_facts: false | |
| 46 | become: false | |
| 281c84 | 47 | vars_files: |
| GC | 48 | - "{{ ANSIBLE_REPO_PATH }}/configs/{{ env_type }}/env_vars.yml" |
| 49 | - "{{ ANSIBLE_REPO_PATH }}/configs/{{ env_type }}/env_secret_vars.yml" | |
| e549e5 | 50 | tags: |
| T | 51 | - step001 |
| 52 | - pre_infrastructure | |
| 53 | - generate_env_keys | |
| 54 | ||
| cf15a5 | 55 | tasks: |
| T | 56 | - name: get rid of linklight deployers hostvars |
| e549e5 | 57 | set_fact: |
| T | 58 | hostvars: "" |
| 59 | ||
| 60 | - name: Gather EC2 facts | |
| 61 | ec2_instance_facts: | |
| 62 | aws_access_key: "{{ aws_access_key_id }}" | |
| 63 | aws_secret_key: "{{ aws_secret_access_key }}" | |
| cf15a5 | 64 | region: "{{ aws_region_final | default(aws_region) | default(region) | default('us-east-1') }}" |
| e549e5 | 65 | filters: |
| T | 66 | instance-state-name: running |
| 67 | "tag:Workshop": "{{ guid }}" | |
| 68 | register: ec2_facts | |
| 69 | ||
| 70 | - name: print our new instances | |
| 71 | debug: | |
| c1c42a | 72 | msg: "instance short name is: {{ item.tags.short_name }}" |
| GC | 73 | # var: item |
| 74 | verbosity: 2 | |
| e549e5 | 75 | with_items: "{{ ec2_facts['instances'] }}" |
| cf15a5 | 76 | |
| e549e5 | 77 | - name: print our bastion when found |
| T | 78 | debug: |
| 79 | msg: "found BASTION {{ item.id }}" | |
| c1c42a | 80 | verbosity: 2 |
| e549e5 | 81 | when: item.tags.short_name == 'ansible' |
| T | 82 | with_items: "{{ ec2_facts['instances'] }}" |
| 83 | ||
| cf15a5 | 84 | - name: Ensure Project AnsibleGroup guid tags are present on all resources |
| e549e5 | 85 | ec2_tag: |
| cf15a5 | 86 | region: "{{ aws_region_final | default(aws_region) | default(region) | default('us-east-1') }}" |
| T | 87 | resource: "{{ instance.id }}" |
| 88 | state: present | |
| e549e5 | 89 | tags: |
| cf15a5 | 90 | Project: "{{ env_type }}-{{ guid }}" |
| T | 91 | AnsibleGroup: "all" |
| 92 | guid: "{{ guid }}" | |
| 93 | loop: "{{ ec2_facts['instances'] }}" | |
| 94 | loop_control: | |
| 95 | loop_var: instance | |
| e549e5 | 96 | |
| T | 97 | - name: tag bastion hosts with the bastion group tag |
| 98 | ec2_tag: | |
| 99 | region: "{{ aws_region_final | d(aws_region) | d(region) | d('us-east-1') }}" | |
| 100 | resource: "{{ item.id }}" | |
| 101 | state: present | |
| 102 | tags: | |
| 103 | Project: "{{ env_type }}-{{ guid }}" | |
| 104 | AnsibleGroup: "bastions" | |
| 105 | when: item.tags.short_name == 'ansible' | |
| cf15a5 | 106 | with_items: "{{ ec2_facts['instances'] }}" |
| e549e5 | 107 | |
| T | 108 | - name: Run infra-ec2-create-inventory Role |
| 109 | include_role: | |
| 281c84 | 110 | name: "{{ ANSIBLE_REPO_PATH }}/roles/infra-ec2-create-inventory" |
| e549e5 | 111 | |
| T | 112 | - name: Run Common SSH Config Generator Role |
| 113 | include_role: | |
| cf15a5 | 114 | name: "{{ ANSIBLE_REPO_PATH }}/roles/infra-common-ssh-config-generate" |
| e549e5 | 115 | |
| T | 116 | - name: ssh workaround thing |
| cf15a5 | 117 | hosts: all |
| e549e5 | 118 | connection: local |
| T | 119 | become: false |
| 281c84 | 120 | vars_files: |
| GC | 121 | - "./env_vars.yml" |
| 122 | - "./env_secret_vars.yml" | |
| e549e5 | 123 | tags: |
| T | 124 | - step002 |
| 125 | - post_infrastructure | |
| 126 | tasks: | |
| 127 | ||
| 128 | - name: set facts for remote access | |
| 129 | set_fact: | |
| 281c84 | 130 | ansible_ssh_extra_args: "{{ ansible_ssh_extra_args|d() }} -F {{ ANSIBLE_REPO_PATH }}/workdir/{{ env_type }}_{{ guid }}_ssh_conf" |
| cf15a5 | 131 | ... |
